Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat openshift container platform 3.11 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-20615
An out-of-bounds read issue exists in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x up to and including 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame le...
Haproxy Haproxy
Haproxy Haproxy 1.9.0
Opensuse Leap 15.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Redhat Enterprise Linux 7.4
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 7.5
Redhat Openshift Container Platform 3.11
Redhat Enterprise Linux 7.6
7.5
CVSSv3
CVE-2018-12022
An issue exists in FasterXML jackson-databind before 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Jodd-db jar (for database access for the Jodd framework) in the classpath, and an attacker can provi...
Fasterxml Jackson-databind
Debian Debian Linux 9.0
Fedoraproject Fedora 29
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Retail Merchandising System 15.0
Redhat Openshift Container Platform 3.11
Redhat Jboss Enterprise Application Platform 7.2.0
Redhat Single Sign-on 7.3
Redhat Jboss Brms 6.4.10
Redhat Automation Manager 7.3.1
Redhat Decision Manager 7.3.1
7.5
CVSSv3
CVE-2018-12023
An issue exists in FasterXML jackson-databind before 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Oracle JDBC jar in the classpath, and an attacker can provide an LDAP service to access, it is possi...
Fasterxml Jackson-databind
Debian Debian Linux 9.0
Fedoraproject Fedora 29
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Retail Merchandising System 15.0
Redhat Openshift Container Platform 3.11
Redhat Jboss Enterprise Application Platform 7.2.0
Redhat Single Sign-on 7.3
Redhat Jboss Brms 6.4.10
Redhat Automation Manager 7.3.1
Redhat Decision Manager 7.3.1
7.5
CVSSv3
CVE-2019-3818
The kube-rbac-proxy container before version 0.4.1 as used in Red Hat OpenShift Container Platform does not honor TLS configurations, allowing for use of insecure ciphers and TLS 1.0. An attacker could target traffic sent over a TLS connection with a weak configuration and potent...
Kube-rbac-proxy Project Kube-rbac-proxy
Redhat Openshift Container Platform 3.11
7.5
CVSSv3
CVE-2018-20102
An out-of-bounds read in dns_validate_dns_response in dns.c exists in HAProxy up to and including 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-initialized part of the bu...
Haproxy Haproxy
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Redhat Openshift Container Platform 3.11
7.5
CVSSv3
CVE-2018-20103
An issue exists in dns.c in HAProxy up to and including 1.8.14. In the case of a compressed pointer, a crafted packet can trigger infinite recursion by making the pointer point to itself, or create a long chain of valid pointers resulting in stack exhaustion.
Haproxy Haproxy
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Redhat Openshift Container Platform 3.11
7.4
CVSSv3
CVE-2021-20218
A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client `copy` command to extract files outside the working path. The highest threat from this vulnerability ...
Redhat Kubernetes-client
Redhat A-mq Online -
Redhat Build Of Quarkus -
Redhat Codeready Studio 12.0
Redhat Descision Manager 7.0
Redhat Integration Camel K -
Redhat Jboss Fuse 7.0.0
Redhat Openshift Container Platform 3.11
Redhat Process Automation 7.0
7.2
CVSSv3
CVE-2020-7013
Kibana versions prior to 6.8.9 and 7.7.0 contain a prototype pollution flaw in TSVB. An authenticated attacker with privileges to create TSVB visualizations could insert data that would cause Kibana to execute arbitrary code. This could possibly lead to an attacker executing code...
Elastic Kibana
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.0
7.2
CVSSv3
CVE-2019-1003003
An improper authorization vulnerability exists in Jenkins 2.158 and previous versions, LTS 2.150.1 and previous versions in core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java that allows attackers with Overall/RunScripts permission to craft Remember Me cookies ...
Jenkins Jenkins
Redhat Openshift Container Platform 3.11
7.2
CVSSv3
CVE-2019-1003004
An improper authorization vulnerability exists in Jenkins 2.158 and previous versions, LTS 2.150.1 and previous versions in core/src/main/java/hudson/security/AuthenticationProcessingFilter2.java that allows malicious users to extend the duration of active HTTP sessions indefinit...
Jenkins Jenkins
Redhat Openshift Container Platform 3.11
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »